/
backend.go
61 lines (50 loc) · 1.26 KB
/
backend.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package authfile
import (
"context"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework"
log "github.com/mgutz/logxi/v1"
)
//Factory function implementation
func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error) {
b := Backend(conf)
err := b.Setup(ctx, conf)
if err != nil {
return nil, err
}
return b, nil
}
//Backend function implementation
func Backend(conf *logical.BackendConfig) *backend {
var b backend
b.logger = conf.Logger
if b.logger.IsInfo() {
b.logger.Info("vault-auth-file: starting...", "version", HumanVersion)
}
b.Backend = &framework.Backend{
Help: backendHelp,
BackendType: logical.TypeCredential,
PathsSpecial: &logical.Paths{
Unauthenticated: []string{
"login*",
},
},
Paths: append([]*framework.Path{
pathLogin(&b),
pathLoginUserpass(&b),
pathConfig(&b),
}),
AuthRenew: b.pathLoginRenew,
}
return &b
}
type backend struct {
*framework.Backend
logger log.Logger
}
const backendHelp = `
File authentication backend takes a username and password and verify
them against passwords like unix file. Passwords hash are in glibc compatible
SHA512 format (see man crypt).
Policies are assigned also in password file, as coma separated list.
`